Cryptocurrency exchange Bybit experienced what may be the largest security breach in the history of digital currencies, with a reported $1.46 billion in Ethereum (ETH) being withdrawn from its hot wallets. The CEO of Bybit, Ben Zhou, confirmed the hack via social media, stating that a hacker had taken control of a specific ETH cold wallet and transferred all its contents to an unidentified address.
The breach was first suspected when on-chain data revealed a massive transfer of 401,346 ETH, valued at approximately $1.13 billion, from Bybit's hot wallet to an unknown wallet. This transfer not only raised alarms about a potential hack but also affected Ethereum's market price, with the cryptocurrency dropping over 4% as the stolen funds began to be liquidated.
Zhou assured users that despite the breach, all other cold wallets remained secure and that withdrawals were operating normally. According to details provided by Zhou, the hack was executed by deceiving the wallet signers with a fake user interface that displayed the correct address, leading them to unknowingly approve a change to the smart contract logic. This gave the attacker full control over the wallet, enabling the theft of all ETH contained within it.
The method used in the Bybit hack closely resembles the techniques employed in previous significant breaches, such as the WazirX and Radiant Capital hacks of 2024. Security experts have compared the Bybit incident to these past events, highlighting the similarities in the attackers' approach.
The immediate aftermath of the hack saw nearly $200 million worth of Lido Staked Ether (stETH) sold within the first half-hour, further impacting Ethereum's market value. As the investigation into the hack continues, further updates are expected to be made available. This incident serves as a stark reminder of the vulnerabilities present in the realm of cryptocurrency exchanges and the importance of robust security measures.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.